Phishing messages are sent to university e-mail addresses almost on a daily basis. DO NOT REPOND to such messages in ANY WAY!

Also don't be fooled by the fact that the sender contains VUB or ULB references or a VUB or ULB e-mail address. It does not make a message a legitimate one!

Also note that threatening users with closing their account or deactivating credit cards is used frequently to persuade users to respond to such messages. In any case, do NOT respond to these messages nor click on any link in the message to be entirely safe.

If in doubt about a message you have received, contact the ICT-Helpdesk.

For more details on phishing itself, see the links at the bottom of this document.

Older phishing messages

Phishing 13 February

The latest phishing - in reasonable English - makes you believe that you have to confirm your account to prevent it from being deactivated. As always, DO NOT RESPOND TO THIS MESSAGE OR CLICK ON THE LINK.

We notice that most staff have abandon their email account as a result of either they do not work with this vub.ac.be or have chose to use another email account.

Due to congestion on our email server, all unused email Accounts would be shut down and deleted from our email system. We advise that you follow the procedure of the link below and validate your email account still active or your email will be suspended/deleted as inactive email account.

Your email validation process: https://secure-web.cisco.com/1uP7LmTsZgqsc6W7WUXaCCDXSCUW_lujZXojWNt9nNs_y7RHg9opNcvnW9dM_Pf9t3t-kH5lyHeoTGsEwpNVvMYhCAslIWpfL_2ow6hG4MPPvEt413kxNfrsWuKCJySufomtgNSrYCgw-jnf6jfImnzxSW5VVanxPq6pu527smiaVekV9JRJ5CECPjZZzwT3ata4dCRoAFQjpAze15oeND7gAms-UAU4fSwQMMEPA-KMVuDr3mShlQpXyCFesn49RVCQ1c8eUdIDfoHVcpe3Cx5pWke9WMWhPmQnDQ7Ztiic/https%3A%2F%2Fwww.powr.io%2Fplugins%2Fform-builder%2Fview%2F13392730%3Fmode%3Dpage After validating your email on the link above, new features will be added after 24hs.

DISCLAIMER: This message may contain confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail-message by mistake and delete this e-mail-mess age from your system. KBC Zagreb ltd. accepts no liability for any potential damage caused by this message and files attached to it.

[1] https://webmailvubacbeupdate.weebly.com/

Phishing 8 Januari

This phishing makes you believe it comes from the helpdesk. Check the e-mail address to make sure it really came from us. DO NOT RESPOND TO THIS MESSAGE OR CLICK ON THE LINK.

Welcome Back. This is the new Web-Mail<https://secure-web.cisco.com/1eWJyHfoPntkSI6bN75R0gOvrKHnem_fr6lRyU3PZzXEI_SocObZKafhQ_u6mKUPqKQWBRjcH9qIIDil9oZcytsNnwsB6da-MI2bKnOMwVQ30zEunTF3UrCTkx4JV8LnXXIiFTUg0TJJH6uBaBuVKta3i2supmagpQf4F3YVr42Vqn0N3DOnSCw-1_2p8H3umJE8l6a8CmcPX_g8wN9AQyDs8XO7TeUDKiWKAirtFXHFVyaaf13kYCx-mOP-5NSzY/https%3A%2F%2Fdota2today.com%2FMigrate%2F365.HTML> for Staff Single Sign-on.Migrate to The new Outlook Web app for Staff, the new home for online self-service and information. [1]

This phishing (in excellent Dutch) makes you believe it comes from the HelpDesk itself. Check the e-mail address to make sure it really came from us. DO NOT RESPOND TO THIS MESSAGE OR CLICK ON THE LINK.

We have recently detected some unusual phishing attempt on your email account and your email account will be suspended and deleted as inactive email within 24/48 hours. You are advice to follow the instruction below and secure/update your email account as active email account.

Please click or copy and paste the link to update: https://formcrafts.com/a/30955

Thank you for your anticipated cooperation.Best Regards

13 October - Final Warning Compulsory Email Confirmation Before De-activation

This phishing (in Englishish) makes you believe you have to confirm or cancel the removal of your account. DO NOT RESPOND TO THIS MESSAGE.

You must have received this notification severally, this is the final WARNING, We received a request on Date: 09/10/17 8:16 AM (EET) to terminate your account. Please confirm this request to complete the deletion process: Failure to comply will lead to automatic De-activation

Yes, I would like to deactivate [1]

No I didn't make this request [1]

Thanks. (C) 2017 Email INC. All Rights Reserved. (C) Email INC. 2017.

[1] http://ow.ly/AYKH30fQ7wk

2 October - Warning:Verification email@vub.ac.be

This phishing (in badly written Dutch) makes you believe you have to cancel the removal of your account. DO NOT RESPOND TO THIS MESSAGE.

You have made a request to de-activate this email and your request is being processed now.

If this request was made in error or was NOT sent by you, you are advised to cancel here immediately.

Cancel De-activation

However, if you do not cancel this request, the deactivation will be completed and all email data be lost permanently as you require.

Regards.Email Administrator

This message is auto-generated from E-mail security server, and replies sent to this email can not be delivered. This email is meant for: YOU

Phishing - 21 September - VUB/ULB Faculty Update - Academic

This phishing (in a message with contents "*Schoolbeheerder*") sends you two attachments (VUB-ULB..pptx and VUB-ULB.docx) in which you are asked to update your login through an online form. DO NOT RESPOND TO THIS MESSAGE. And, to be on the safe side, do not open the attachments.

The link in the message refers to a remote website http://vdumailits.myfree.website

This phishing (in badly written Dutch) makes you believe you should update your mailaccount by sending back your password by e-mail. You should never send your password by e-mail, SO DO NOT RESPOND TO THIS MESSAGE.

This phishing message (in badly written Dutch) makes you believe you should update your mailaccount by sending back your password by e-mail. You should never send your password by e-mail, SO DO NOT RESPOND TO THIS MESSAGE.

Notice From Université libre de Bruxelles E-mail Customer Service HelpDesk

In an effort to increase the level of security for our email account User, We are implementing a new email password policy for your protection. If you have not update your password recently,Click on the Administrator link: ulb.ac.be [1] to update your password or your e-mail will be temporarily suspended

[1] http://emailverification.emyspot.com/medias/files/validation.html

Phishing messages of the Day - 14 August

This phishing (in English) makes you believe someone tried to access your account which requires verification of your account. DO NOT CLICK ON THE LINK OR RESPOND TO THIS MESSAGE.

Someone tried to access your account from unknown IP: 190.128.255.214:3389. Click on ACCOUNT SECURITY below to verify and secure your account from being hack. Ensure that all information provided are valid, as falsification may led to disabling of your Account for security reasons Marked fields are Mandatory.ACCOUNT SECURITY [1]Account SecurityHelpDesk.

Dear User Your mailbox has exceeded 2.GB of limited storage It is determined by the CURRENTLY 2.30GB administrator, you can not send or receive new messages until you validate your email again Click on the following link to complete your mailbox for 4.30 GB

Your mailbox have exceed 3.5 MB set by Administrator, you will not be able to send orreceive mail except you upgrade your account Please CLICK HERE to upgrade your account and click on 'Submit' button.

ThanksMail Administrator.&#8203;

3 August - Account afsluiten

This phishing (in Dutch) lures you into believing you should update your account to prevent closure.

This is an Email Service Alert from Helpdesk. This is to inform you that your mailbox has exceeds its storage limit, you will be unable to receive and send emails. To re-set your Account Space on our database, prior to maintain your INBOX from 20G to UNLIMITED inbox space CLICK the link below and fill it and click summit to Activate your account to UNLIMITED.

In an effort to increase the level of security for our emailaccounts User, We are implementing a new email passwordpolicy for your protection. If you have not update your password recently,click here vub.ac.be to update your password or your e-mail will be temporarily suspended.

Your account will be suspend within 48 hours due to suspicious activities in your mailbox, please CLICK HERE to verify your email account in other to avoid your account been suspend and click on the " Verify' button bellow.

28 June - Validez votre boîte aux lettres This phishing makes you believe you should confirm your account for security reasons and send back your password. NEVER send your password by e-mail, and NEVER RESPOND TO SUCH REQUESTS.

This phishing lures you into believing you have received a message from the rector. DO NOT RESPOND to this and other phishing messages. Also don't be fooled by the sender's name or email address and the website being a look-a-like of the university's Webmail service.

This phishing lures you into believing you have exceeded your mailbox quota. DO NOT RESPOND to this and other phishing messages. Also don't be fooled by the sender's name or email address and the website being a look-a-like of the university's Webmail service.

Your university mailbox quota has exceeded it's limit, you may not be able to send/receive more emails.Please delete any item you don't need from your mailbox and empty your Deleted Items folder OR FOLLOW HERE [1] to enable automatic increase your mailbox storage.

The office of Information Security will keep this updated if information should change, but we encourage all users to run their updates after the expected release of this patch.

With kind regards,Your ICT-Helpdesk Team

--VUB/ULBVUB/ULB Computing Centre-------------------------

(C) 2017 VUB/ULB Computing Centre. All rights reserved.

[1] http://ict_ulb.eu.pn/Mailbox-Quota.htm

1 May - Validez votre email

This phishing lures you into believing you need to validate your account and receive a mail quota update. DO NOT RESPOND to this and other phishing messages.

This phishing lures you into believing you need to validate your account for security reasons. As with other phishings, DO NOT RESPOND to this message. Also don't be fooled by the sender's name or email address and the website being a look-a-like of the university's Webmail service.

Our records indicate that your Webmail Account was flagged and has upshot an internal error on our processor. For security reasons, you must verify the validity of your Webmail account.

Pease Login here to confirm your Vub/Ulb account.

Thank youVub.ac.be Support Center

[1] The link redirects to http://josephcmc-cabe.com/wp-includes/SimplePie/Content/divones/vubac/vubac.html

23 April - Password ReminderThis phishing lures you into believing you need to renew your account. As with other phishings, DO NOT RESPOND to this message. Also don't be fooled by the sender's name or email address and the website being a look-a-like of the university's Webmail service.

[1] When clicking on the link you are redirected to http://red-dogminerals.com.au/wp-content/themes/webmail.vub.ac.be.htm

5 April - ICT Helpdesk - VUB

This phishing lures you into believing you need to validate your account because you exceeded your mail quota. As with other phishings, DO NOT RESPOND to this message. Also don't be fooled by the sender's name or email address.

Hello,We are switching all our email account users to the new upgraded emailweb page very soon, you will be restricted from accessing your emailhere, maybe because of this some of your messages send from friends has not been seen in your inbox, to view all messages simply click and sign in here: http://cnntrOundcube.sont-ici.org/ThanksWebmaster.

23 March - Administrateur du système

A phishing that makes you believe you have to revalidate your account. Do not respond to this message.

This phishing (in good Dutch) lures you into believing you have received to much spam and is prone to being suspended if not confirmed within 48 hours. DO NOT RESPOND to this message. Also don't be fooled by the webmail look-a-like that you are redirected to (external website) and the sender's address which is a university address.

This phishing (in poorly written Dutch) lures you into believing your mail quota has been exceeded. DO NOT RESPOND to this message. Also don't be fooled by the webmail look-a-like that you are redirected to (external website) and the sender's address which is the VUB ICT-Helpdesk's email address which was usurped.

This phishing (in English) lures you into believing your account was abused to send out scam messages. DO NOT RESPOND to this message. Also don't be fooled by the webmail look-a-like that you are redirected to (external website).

We have dictated an unusual activates with your email account and it has been used to send out scam messages against our webmail security policy. Your email account requires an immediate verification to avoid closing down of your email account. You have to follow this step to help protect your email account with the new Webmail Interface login. Click the below link and fill in your correct email username and password. We shall very your email account immediately you submit your detail.

http://webmail.vub.ac.be.admin,login.rebelz.org/

Warning!!! We strongly advise you not to share your personal information like usernames and passwords with anyone for your e-mail security purpose.

VUB/ULB Roundcube Webmail Administrator

16 December - Schedule message

The latest phishing (in English) lures you into believing you have a message that you need to read. DO NOT RESPOND to this message, it's fake. Also don't be fooled by the webmail look-a-like that you are redirected to (external website).

Our webmail IP Security service discovered irregular Log-in attempts on youremail account from IP location (213.1.1.674). and also been used to send outspam messages as against our policy. For security purpose we will be closingdown this Account unless you click the link below to re-validate yourmailbox for verification username and password with the new webmailInterface login.

http://webmail.admin-verification.login.php.rebels.org/

We strongly advice you not to share your password with anyone for your Emailsecurity purpose.

Webmail Administrator

13 December - ULB/VUB ACCOUNT UPGRADE

The latest phishing (in soso English) lures you into believing you should upgrade your account through a webform by providing your login credentials. As always, DO NOT RESPOND to these messages!

The latest phishing (in soso French) lures you into believing you should validate your account to continue using the Intranet. As always, DO NOT RESPOND to these messages! Also don't be fooled by the Webmail look-a-like that you are redirected to.

Two phishings: the one in (soso) French asks you to validate your account to access the "new" intranet. Don't be fooled by the sender's ULB email address, nor the webmail look-a-like website. The one in (soso) Dutch lures you into believing the "admin" has sent you a message. As always, DO NOT RESPOND to these messages!

This phishing - in (soso) French - asks you to validate your account to access the "new" intranet. As always, DO NOT RESPOND to such messages! Also don't be fooled by the sender's ULB email address, nor the webmail look-a-like website.

This phishing - in French - asks you to complete a change of address that you supposedly have requested (which of course you have not). As always, DO NOT RESPOND to such messages! Also don't be fooled by the sender's e-mail address and the Webmail look-a-like.

This phishing - a version in French and a version in (bad) Dutch - pretends that you have exceeded your mail quota and have to complete a form to validate your account. Also don't be fooled with the sender's email address. As always, DO NOT RESPOND to such messages!

An Attempt has been made to login from a new computer. For the security of your account and to protect from hackers, we are poised to open a query.Kindly Click the link below or copy and paste on your web browser for good securitypractice:

We noticed too many phishing mails requesting for your personal information lately. Please do not adhere to their request. we have created an anti-phishing email login to prevent the phishing mails. Click the url below to activate your Anti-phishing security.

http://chuhupgrae.pe.hu/webmail2/index.html

Sincerely,

webmail Directorsedir@webmail.org

1 August - Validez votre webmail

The latest phishing - in French - lures you into believing you have exceeded your mailquota and need to validate your account in order to send and receive email. As always, this is untrue so DO NOT RESPOND to such messages!

26 July RE: ULB NOTICEThe latest phishing - in English - lures you into believing you have received a message - which is of course not true - that requires you to log on onto an Outlook Webmail interface. As always, DO NOT RESPOND to such messages!

This phishing - in bad Dutch - lures you into believing you have received a number of messages, which is of course not true. As always, DO NOT RESPOND to such messages! Also don't be fooled by the fact that the login page is a replica of the university's CAS login page.

Our Vub webmail IP Security service has discovered irregular Log-in attempts into your email account from IP location (201.4.33.193) and also being used to send out spam messages as against our webmail policy.For security purpose we will be closing down your email account unless you verify your email with the university new Vub webmail interface.It's faster and secure. Click the link below to re-validate your email by login your correct email id and password for verification.

http://sitesumo.com/vubmz/main.html [1]

We strongly advise you not your password for your e-mail security purpose to share with anyone.

The latest phishing - in "Dutch" - makes you believe a security update has been performed on your account and requires you to "update" your account. As always, do NOT repond to these messages. Also don't be fooled by the sender's VUB "address" or the remote site that is a Roundcube Webmail look-a-like.

This phishing - in English - makes you believe a security upgrade on the server requires you to "confirm" your account. As always, do NOT repond to these messages. Also don't be fooled by the sender's ULB name or the remote site that is a Roundcube Webmail look-a-like.

This upgrade helps guard against having email addresses used by unauthorized parties.

Unfortunately, because of changes made during our security upgrade, to make sure you can still send emails, we need you to confirm your Webmail Account. Once this is completed, your email will be fully secured.

Confirming your email is easy, just follow the instructions here

These instructions will show you how to confirm your email in less than five minutes.

[1] http://webmail.vub.ac.be.official.servers.ca/

Phishing alert: 1 April - UPGRADE

The latest phishing - in English - makes you believe you have some messages waiting for you on the server. As always, do NOT repond to these messages.

Dear $EMAIL,In regards to the ongoing maintenance. Some of your important messages were queued on our mail server. Please Click here and update your account to view or download your pending messages. Some maintenance may still be undergoing for large improvement updates that will increase our security.Please Note: To avoid any complication, it is mandatory you follow the instructions above.Thank you for your patience and cooperation,--IT Support Team

THIS TRANSMISSION IS INTENDED AND RESTRICTED FOR USE BY $EMAIL; ONLY. IT MAY CONTAIN CONFIDENTIAL AND/OR PRIVILEGED INFORMATION EXEMPT FROM DISCLOSURE UNDER FEDERAL OR STATE LAW. IN THE EVENT SOME OTHER PERSON OR ENTITY RECEIVES THIS TRANSMISSION, SAID RECIPIENT IS HEREBY NOTIFIED THAT ANY DISSEMINATION, DISTRIBUTION, OR DUPLICATION OF THIS TRANSMISSION OR ITS CONTENTS IS PROHIBITED. IF YOU SHOULD RECEIVE THIS TRANSMISSION IN ERROR, PLEASE DELETE THE FILE FROM YOUR SYSTEM, AND DESTROY ANY HARD COPIES OF THIS TRANSMISSION. THANK YOU.

[1] http://logtesh.myartsonline.com/pending.php?email=EMAIL

30 March - Universiteit Brussel Administrator::: inkomend bericht

The latest phishing - in not-so-good Dutch - makes you believe you have received a message from the university administrator. Of course, you haven't this way, so, as always, do NOT repond to these messages.

This phishing - in not--so-good Dutch - makes you believe you have to confirm your email address in the database, by email. Never ever send your password by email, so, as always, do NOT repond to these messages.

The latest phishing - in badly written Dutch/English - makes you believe that someone logged into your account from another IP address and requests you to confirm your identity or loose access to your account. As always, do NOT respond to these messages.

However, Failure to do this may result in account suspension. Please understand that this is a security measure intended to help protect you and your account.We apologies for any inconvenience and appreciate your understanding.Regards,AdministratorAnne Louise Slott ThorborgVUB/ULB Support Team.

7 March 2016: Unusual IP activity

This phishing makes you believe that someone logged into your account from another IP address and requests you to confirm your identity. As always, do NOT respond to these messages.

We detected Someone just tried to sign in into your web mail account from other IP address.Please confirm your identity today or your account will be disabled due to concerns we have for the safety and integrity of your web mail..

To Confirm your identity,We recommend that you go to.

Verify Now [1]

To opt out or change where you receive security notifications, click here.

Thanks,The Web mail account team

[1] http://home.earthlink.net/~gen-1/kk/general.htm

2 March - Account update

The latest phishing - in English - makes you believe that your account will be closed after 24 hours if you do not verify your account. As always, do NOT repond to these messages.

This phishing - in French - lures you to a Webmail look-a-like site pretending you have to update your account. As always, do NOT repond to these messages, and do not be fooled by the sender's address being a ULB email address.